<?session_start();?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
$db_server = "localhost";
$db_name = "chrishsu_membership";
$db_user = "chrishsu_member";
$db_passwd = "membership";

if(!@mysql_connect($db_server, $db_user, $db_passwd))
        die("無法對資料庫連線");

//資料庫連線採UTF8
mysql_query("SET NAMES utf8");

//選擇資料庫
if(!@mysql_select_db($db_name))
        die("無法使用資料庫");

$id = $_POST['id'];
$pw = $_POST['pw'];

$sql = "SELECT * FROM users where userid = '$id' and passwd = sha1( '$pw' ) and approved = 1";
$result = mysql_query($sql);
$row = @mysql_fetch_row($result);
if($id != null && $pw != null && $row[0] == $id)
{
        //將帳號寫入session，方便驗證使用者身份
        $_SESSION['username'] = $id;
        echo '登入成功!';
        echo '<meta http-equiv=REFRESH CONTENT=1;url=test_memberonly.php>';
}
else
{
        echo '登入失敗!';
        echo '<meta http-equiv=REFRESH CONTENT=1;url=test_login.html>';
}
?>